OK, that's what I thought. Basically the blog post from the Director of something something.. is wrong then.

From the blog:

VMware vShield Endpoint provides Symantec anti-malware protection with an additional layer of defense in-depth, agent-less and directly from VMware cloud infrastructure. This can improve the overall security posture and compliance for a growing number of virtual machines deployed without security agents, i.e. test and development and private cloud deployments.

Unless I'm missing something, the SIC sort of acts like the repository for all the files that are scanned and determined to be good or not. So files on the clients will be skipped if deemed good by the SIC. So I guess you could somewhat see this as agentless in some sense but you still need the client on each one so it can talk with the SIC.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Symantec is not currently using the vShield Endpoint API for agent-less AV on virtual machines in Symantec Endpoint Protection (SEP) 12.1. vShield support is planned to be integrated into future releases of the product.

Yes I've had numerous discussions with our account reps and basically the statement that SEP integrates with vmware using vshield is a total joke. All the integration provides is a shared storage (on a virtual appliance) that keeps track of what files were scanned so every virtual machine doesnt scan the same files. Great, but you still need a full client on each VM which is not how true vshield integration is supposed to work. Not that we needed another reason to stop using symantec but this has been the last thing which caused us to move to another vendor.